Javier Tebas Medrano is the president of LaLiga, Spain’s most prestiguous football league.
Medrano’s position makes him the most powerful man in Spanish football and by extension, also one of the most powerful in European football, a market worth an estimated €30 billion.
In common with key rivals at the Premier League (England) and Serie A (Italy), Medrano has an IPTV piracy problem to solve. In addition to blocking injunctions already in place, rumors of a crackdown on users of pirate IPTV services persist. A post to X on Monday reignited those rumors.
Medrana Posts Partial Court Order to X
When Medrano posted part of a court document to X yesterday, some assumed that the much-promised IPTV piracy crackdown had arrived; the post attracted over 1.2m views and prompted a significant amount of misunderstanding. Here we begin with the post (translated from Spanish) and the relevant text as it appears in the order.
Medrano refers to a statement from the Superior Court of Justice of Catalonia (the document embedded in his post and partially shown below) concerning the outcome of legal action by LaLiga following a piracy investigation.
According to Medrano, the order will see IP addresses collected by LaLiga “that transmit illegal content” sent to Spanish ISPs [Telefónica, Vodafone, Orange, MásMóvil and Digi].
Under the orders of the court, the ISPs will match those IP addresses to the relevant subscriber accounts. The personal details of those subscribers will then be handed over to LaLiga.
The highlighted potato-quality Spanish text relates to the information the ISPs must hand over. When translated to English it reads as follows:
1) IP address assigned to the user when they accessed the Server that enabled the audiovisual content to be shared unlawfully
2) Name and surname of the holder of the Internet access service contract
3) Postal address of the [internet] line installation and billing details
4) Identification document [NIF, NIE, other] regarding the information of the IP Address of the server to which you have connected, port of the server to which you have connected, and time of the request (GMT+0)
What This Case is *Not* About
Before tackling the court order itself and comparing that to how LaLiga presents it, some important background.
This legal action does not relate to people who watch or subscribe to pirate IPTV services, nor does it have anything to do with people who access illicit streams of LaLiga matches, made available by unlicensed websites.
As illustrated in the image to the right, some mainstream Spanish newspapers have opted for the sensational reporting angle that anyone who watches pirated football will receive a fine. There is no evidence to support that claim, but it’s possible from the information made available thus far, that something even more sensational may be underway.
Order Issued By Barcelona Court
Court: Commercial Court Number 8 of Barcelona
Judge: Javier Ramos De La Peña
Applicant: La Liga Nacional De Fútbol Profesional (LaLiga)
In order for LaLiga to obtain customer information from ISPs, ISPs are sometimes considered ‘no fault’ defendants in these types of applications. Five headline ISP ‘brands’ are involved here, but many more ISPs are listed in the order, including some providing mobile internet access:
Orange Espagne Sau, Vodafone Ono Sau, Masmovil Ibercom Sa, Digi Spain Telecom Slu, Telefonica De España Sau, Telefonica Moviles España Sau, Orange España Virtual Slu, Vodafone – Espana Sau
In the words of the Judge as presented in his order, the case concerns piracy of content detailed as follows:
Specifically, it concerns audiovisual content offered live and with exclusive access to residential customers and public establishments on pay television, with customers of the Movistar Plus+ satellite service being the only ones with access for their exclusive consumption, through a satellite dish, decoder terminal, and customer card.
Card-Sharing Piracy
It’s alleged that Movistar Plus+ content is being accessed illegally using ‘card-sharing’. In basic terms, legal subscribers to Movistar Plus+ hand over money and in return receive a viewing card. Once placed in an authorized set-top box, these cards enable scrambled satellite signals to be viewed as intended on a TV.
Such ‘conditional access’ systems provide access to TV content on the condition that the viewer has subscribed and is using a legitimate viewing card. In card-sharing systems, however, the codes that unlock the encrypted TV signals in connection with a legal viewing card are retransmitted via unauthorized equipment over the internet.
Internet users in possession of a suitable non-official set-top box can pay a small subscription fee to an illegal supplier to receive the codes from the legal card. These are streamed continuously over the internet and that decrypts the regular satellite signal usually received.
In summary, card-sharing piracy can involve the purchase of a single legal card and the benefit from that card can be shared among any number of additional viewers via the internet. Only codes are sent and received, all audiovisual content is obtained from regular satellite signals.
LaLiga’s Claim, Judge’s Conclusion
The Judge’s order addresses the two main types of people involved in card-sharing as detailed above: [1] those who purchase a legal viewing card and share the codes to others over the internet in exchange for a fee, and [2] those who pay a fee to access the codes but do not pay anything to Movistar Plus+. ([1]+[2] added for reference)
One of the forms of unlawful access is the so-called “Cardsharing,” which uses the protocols “CCCam and IKS,” presupposing the participation in the piracy network, on one hand, of [1] users who paid for conditional access to a satellite connection, offering them on the internet for illicit profit, and, on the other hand, of [2] users who acquire satellite connection equipment enabled to access original card codes without authorization.
At this point one of the Judge’s comments gives reason to pause. It references IP addresses and how they can be “detected” to show the IP addresses of servers supplying codes and the IP addresses of users receiving codes.
The basic element for identifying connections on the Internet, the IP address, can be detected both to show the identification of servers and the connections of users participating in the piracy platform.
If we use a simple downloading analogy, a computer offering a movie for download and a computer offering codes are essentially the same. Anti-piracy companies can easily identify both by simply requesting the movie or subscribing to the card-sharing server and logging what they receive.
The same cannot be said of those downloading a movie or receiving codes from a server. If there was a way to positively identify downloaders of pirated content engaged in a client/server arrangement that stood up in court, it would’ve been used by now.
Time to break out a hastily-put-together diagram to show why obtaining IP addresses of card-sharing servers is easy, and why obtaining those of customers is not.
The satellite top right transmits an encrypted TV signal (everything in red is encrypted) to a legitimate viewing card top left. From there the extracted codes pass through a regular router/modem (with a public-facing IP address that can be “detected”) and onwards to the subscriber’s internet service provider, depicted here as three blue servers. From there they are further distributed via the internet.
Directly underneath the ISP’s servers are the internet connections of the card-sharing service’s customers who receive the codes. After passing their routers/modems, those codes are received by their unofficial set-top boxes. In exactly the same way the satellite transmitted encrypted TV signals to the legitimate card, these set-top boxes also receive encrypted signals, also shown in red.
However, since these set-top boxes are receiving the codes from a card-sharing server, their output to a TV or similar viewing device (depicted here in purple) is a clear, unencrypted picture.
Anti-Piracy Investigators
Inside the orange box at the top are anti-piracy investigators. Just like any other customer, they have subscribed to the card-sharing service, which means they have direct access to the server’s IP address, shown here using the orange lines/pointers. Bottom right in a second orange box is a second set of anti-piracy investigators and their job is to identify the IP addresses of those receiving the codes.
According to the Judge, the IP addresses of both the server “and the connections of users participating in the piracy platform” can be detected. And herein lies the problem.
From the information made available, LaLiga appears to have no idea who these users are. It appears that while LaLiga has the IP addresses of the card-sharing servers, it has no idea of the IP addresses used by those who accessed those servers.
That seems to lead to a remarkable conclusion; IP addresses are usually the starting point for most online infringement allegations. Rightsholders match known infringements to IP addresses themselves and then move to ISPs, hoping to match those IP addresses to real-life identities. In this case, LaLiga has the IP addresses of the servers, but has no IP addresses for the users.
That necessarily means that no violations have been matched to any user IP addresses. The big question is whether LaLiga has any evidence whatsoever to show that any customer at any ISP has done anything wrong. It doesn’t have their IP addresses, that much is certain.
Let’s Go Fishing
According to the court documents, the information LaLiga wants the ISPs to hand over can be deduced from information LaLiga has in hand. The information was obtained from card-sharing servers, including IP addresses and ports. Here’s how that’s explained in the order (legal conditions unrelated to technical matters have been removed)
La Liga provides in its request the IP addresses and port of the servers, as well as the time of the request, data that has been obtained legitimately. With this starting data, it is possible, after issuing the requirement contained in art. 256.1.11* LEC to the internet service providers listed in the request, to complete the identification of the users of their services participating in the scheme….
That seems to lead to just one conclusion. LaLiga has the IP addresses, port details, and potentially other information related to the card-sharing servers, but may be working on the mere assumption that users of the five ISPs accessed those servers at specific times, but has no evidence to prove it – yet.
If that’s actually the case, and there isn’t some extra dimension to this that hasn’t been revealed or is being hidden, LaLiga may be doing something that to our knowledge has never been done before.
The court order seems to require the five ISPs to go through their IP address logs – not to identify the names and addresses of subscribers behind known/suspected infringing IP addresses – but to identify infringement itself.
When the ISPs match card-sharing server IP addresses with IP addresses that appear in subscribers’ activity logs, that may be the first time that any evidence of potential infringement has been surfaced against any user in this case thus far.
There may be other explanations but with veteran file-sharing defense lawyer David Bravo posting memes to X, he may be already counting the money.